Bitcoin Update: "Your Money May Be 'Tied Up' In Unconfirmed Transactions"

Tyler Durden's picture

As the torch of responsibility is rapidly handed off from exchange to exchange to the Bitcoin source code, Gavin Andersen (one of Bitcoin's protocol core developers) explains just what is going on - and what it means for the 'wealth' stored in the virtual currency - "Users of the reference implementation who are bitten by this bug may see their bitcoins “tied up” in unconfirmed transactions" - so that's what 'bit' stands for in bitcoin...


Update On Transaction Malleability

You may have noticed that some exchanges have temporarily suspended withdrawals and wondering what’s going on or more importantly, what’s being done about it. You can be rest assured that we have identified the issue and are collectively and collaboratively working on a solution.


Somebody (or several somebodies) is taking advantage of the transaction malleability issue and relaying mutated versions of transactions. This is exposing bugs in both the reference implementation and some exchange’s software.


We (core dev team, developers at the exchanges, and even big mining pools) are creating workarounds and fixes right now. This is a denial-of-service attack; whoever is doing this is not stealing coins, but is succeeding in preventing some transactions from confirming. It’s important to note that DoS attacks do not affect people’s bitcoin wallets or funds.


Users of the reference implementation who are bitten by this bug may see their bitcoins “tied up” in unconfirmed transactions; we need to update the software to fix that bug, so when they upgrade those coins are returned to the wallet and are available to spend again. Only users who make multiple transactions in a short period of time will be affected.


As a result, exchanges are temporarily suspending withdrawals to protect customer funds and prevent funds from being misdirected.


Thanks for your patience.

As a reminder, Andersen previously explained:

Transaction malleability has been known about since 2011. In simplest of terms, it is a small window where transaction ID’s can be “renamed” before being confirmed in the blockchain. This is something that cannot be corrected overnight. Therefore, any company dealing with Bitcoin transactions and have coded their own wallet software should responsibly prepare for this possibility and include in their software a way to validate transaction ID’s. Otherwise, it can result in Bitcoin loss and headache for everyone involved.


As Mike Krieger recently noted,

Bitcoin is no longer in Phase 1 of its evolutionary cycle. I believe Phase 2 for Bitcoin began in earnest back in November 2013, when the Senate Committee on Homeland Security and Governmental Affairs held its first hearings on the topic. Those hearings made it clear that, at least for the moment, no significant roadblocks would be put in place to prevent people from transacting with one another using the crypto-currency. Phase 2 also saw the largest Bitcoin investment to-date, a $25 million infusion led by Silicon Valley VC firm Andreessen Horowitz, as well as acceptance by major U.S. retailers, with Overstock being the most significant. Bitcoin is becoming serious, and serious means serious accountability.

As a free market currency, the market will decide the products required to keep the Bitcoin protocol open and functioning to its highest potential.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Shizzmoney's picture


As a free market currency, the market will decide the products required to keep the Bitcoin protocol open and functioning to its highest potential.

This is what pleases the Federal Reserve (b/c, for now, they "control" the market).

This is also what keep every FOMC member up at night.

random shots's picture

Hacking could impact a digital currency based on zeros and ones?  Who would have thought?

Supernova Born's picture

Bit by a bug and left with no coin.

nmewn's picture

Incredible aint it?

Its like the damned Bit-ATM ran out of cash at the same time as Mt.Gox decided to take a Winklevoss so Shatoshi & crew could scram out the backdoor...what are the odds?

Lemme check my non-virtual stack over here...yep, it still seems to be ninety nine point ninety nine percent fine, just like I left it. Hell, I don't even have it in an account or encrypted or need electricty or internet.

I'm just kinda eyeballin it though ;-)

DaddyO's picture

At least you can eyeball your stack, I made the dreadful mistake of trying to show my PM's the nice springtime outdoors.

What a disaster that turned into, now I have to wait until the water temp gets warm enough for me to go snorkeling.

Even then I can't get deep enough to recover them, but they still glisten when the sun is just right and the algae blooms are not too high.

I guess the bitcoiners have to make sure they put their digital wallets in some sort of water proof sandwich bag huh?


TheHound73's picture

I stamp the private key in non-corrosive sheet metal.  Worked like a charm but I've since seemed to have misplaced it somewhere.

digi's picture

My bitcoins are still sitting there on the blockchain right where I left them. MtGox and any other fiat exchange can become insolvent and this won't effect my bitcoins.

Ralph Spoilsport's picture

So we have two things happening here. A massive DoS attack and fake transactions trying to hide in the noise of the DoS attack. Fun times indeed.

Againstthelie's picture

Definately as good as gold and silver coins. ;) People are that stupid, it's incredible.

Cacete de Ouro's picture

But what about the geothermally propelled bitcoin algorithm number crunching machines in Iceland that are working 24/7 .

I can't bear to break the news to them...

Citxmech's picture

Speaking of which, anybody know what the marginal cost of production is currently?  Seems like at a certain price, production should cease.

Australian Economist's picture

No counterparty risk they said...

Australian Economist's picture

Well if an exchange doesn't exchange your exchange I guess its not a problem. I mean it's not as I've you wanted that transaction to complete.

Urban Redneck's picture

If I give you bitcoins to provide a good or service, and you don't provide the goods or service as specified, what is my recourse?

What is the definition of counter-party risk?

Saro's picture

Bitcoin has no inherent counterparty risk.  However, when you hand someone something you own because they promise to take care of it, you just introduced some.

Gold is no different, by the by.

Urban Redneck's picture

By that definition, the USD has no counter-party risk.

Most gold transactions are either face-to-face or involve specific mechanisms to protect against counter party risk (Reg E for retail) and Bank Letters of Credit for commercial.

In the good old days before TBTF - licenses were yanked and fines were imposed for the sort of blatant disregard of reality or nuance, or outright fraudulent product pumping that the new kid is pushing (at least until one was well established in the industry - as Madoff clearly demonstrated).

Saro's picture

USD has counterparty risk because another party controls the quantity.  Bitcoin has no central bank.

My point is, we don't say that gold "has counterparty risk" merely because it can be stolen or misplaced.

Urban Redneck's picture

That's pricing risk, not counter-party risk (unless you're an institution-sized player who can just lop off the ,000.00 and use USTs as Fedline currency), or an "investor" in USD accounts at financial institutions- since what a bank depositor actually has is a claim on a percentage share their bank's Mt. Eccles FedWallet (which is most certainly subject to unilateral quantity changes), but the latter type of "investor" is probably the same sort of "investor" who would park their Bitcoin wallet at a seductively "convenient" Bitcoin Bank/exchange.

With the current questions surrounding Mt Gox operations there may be overlapping custody risk and fiduciary risk issues depending the circumstances of an individual Bitcoin user, but at this point hard facts about the financial solvency and viability of Mt Gox are in short supply vs the excess of speculation.

For any currency, one can theoretically avoid counter-party risk by not engaging in a transaction. However, if there is a currency transaction between two parties there has to be counter-party risk (and if it's big enough- usually a banker peddling "insurance" for that risk).

TheHound73's picture

Bitcoin requires a 3rd party known as "the internet".  But as long as that is up and running nothing can stop you from sending or receiving funds to/from anyone.

BTCTalks's picture

Bear in mind that this is a temporary glitch. Individuals are trying to find the same weaknesses that existed on MFGox across the bitcoin ecosystem. This is the equivalent of taking a box of receipts to a store hoping that they will give you a refund. Most (hopefully) exchanges have been aware of the trans mal issues and are not vulnerable in the same way that the thieves at MFGox were. BTC has already rallied back to the previous levels. We'll see what happens next.

BlackChicken's picture

Serious question: how in the actual &$@% do you know that?

Urban Redneck's picture

He doesn't know. He's either a lying shill or a retard.

Saro's picture

How does he know what?  How does he know that it's a temporary glitch?

Because the issue is well-known and there are already well-known solutions for it.  Exchanges simply can't wait any longer to implement them.

chemystical's picture

with all due respect, yes, the glitch is known and has been speculated on well before this manifiestation,

BUT...if the solution was simple it would have already been implemented.  Other solutions to exposed vulnerabilities have been implemented and much more quickly.  In this instance the "known" cures might be worse than the ailment. 

nmewn's picture

Did you just say the word glitch?

There was a time, in Central Planning Folklore 101 where this was an acceptable word, not anymore.

Now you're a razzzist ;-)

Golden Showers's picture

Viz Full Metal Joker: Howdy, Pilgrim. You can eat the Bitcoins out of my Shi-it.

Golden Showers's picture

First they hate you, rebel against you, and then they eat the bit coins out of your shit.

Have a bit-coin day!

Make today a Bit Coin day.

Bit Coin: for the distinguished douche nozzle.

Oh, and happy Valentine's Day and President's Day.

It's too bad that your boat sank and all your bitch coins are underwater.

I took all your soggy biaatch coins and now I'm rich, Biaatch!

I invested in scuba gear while y'all weren't looking. Ha hah haha ha!!!

Cacete de Ouro's picture

The exchange IS the counterparty is this instance.

It is not acting as a central netting hub

Son of Captain Nemo's picture

Interesting and "believeable" that we are coming close to another Langley/Ft. Mead surprise courtesy of AT&T and Verizon's backbone

These guys have been attacking commercial banks right and left for the last year with increasing volume with the techniques outlined in this RT news clip you posted.


chump666's picture

There was a wire report on FX from FT news about Russia clamping down on Bitcoin a few days back and now we get a DDoS attack that aimed at Bitcoin exchanges and other sources.  For this scale of magnification it has to be a government. Russia screwed with Georgia (elections) with DDoS attacks in 2007. So, very possible it's a cyber warfare play rather than just some "group"

Son of Captain Nemo's picture

But of course.  It's the trojan horse that potentially has lots of gifts.

Russia is smart to be shutting it down.  That announcement and action by the Russian banks speaks plenty about the source.

Leaf of Tree's picture

It's probably Putin playing Minesweeper on his Russian-made smarthone causing "interferences"

Leaf of Tree's picture

Eastern Europe is filled with central command rooms of large botnets from all over the world.

The FED could rent, if the price is right, all this infrastructure and DDoS the bitcoin network.

And then blame it on Russian hackers.

chump666's picture

Putin's doomsday computer

MeelionDollerBogus's picture

bu-bu-but tha bitcoynz has the invulnerablez!!!!

Saro's picture

Bitcoin is a protocol, and is still working just fine.  It's bad implementation code in the ecosystem around it that's causing issues.

Leaf of Tree's picture

That's like saying Fiat debt money system is a sound concept.

Just that the implementation might suck if is done by humans.

Saro's picture

If the post office loses a package of precious metals in transit, does this imply precious metals are a bad investment?

notadouche's picture

But the layperson can use tracking numbers to solve the riddle of the lost package. Tell me, can the layperson solve the riddle of whatever ails bitcoin?  I'm not being a wise ass, I'm asking a serious question and pointing out a significant difference between the two vehicles.

Saro's picture

That's actually quite an apropos question, since it's the tracking numbers that are getting messed with in Bitcoin currently.  The packages are still getting to their destination just fine, but someone's screwing with the tracking numbers enroute, making it more difficult to figure out where they are in transit.  Annoying, but not a catastrophe by any means.  

But to answer your question, yes:  if you can type a tracking number into the UPS site, you can type a source or destination number into the site.

TheHound73's picture

THAT is the exact analogy I thought of while walking my dog this morning, Saro.  Cheers.

MeelionDollerBogus's picture

is that a valid comparison when the boxes are expected to only carry numbers, compared to boxes that actually contain things?

I think the comparison is invalid. The point of gold is in-person real-atoms savings, and that includes cutting out the post or wire transfers to ensure real atoms are attained without loss of purchase using other forms of money.

Bitcoin doesn't have something other than the delivery, it is the delivery method, nothing on the other end is being delivered, or ever would be. It's not meant to be.

MeelionDollerBogus's picture

hm, fair enough but be defended. It's not like implementations of network hardware or software have been bug-free & we manage to get by. Just don't bet too much knowing deep flaws are there (and not just in bitcoin).

Manipuflation's picture

I noticed that my BTC friends were a little crabby about that.  I am lost in Windows 7 right now.  My nine year old daughter brought me her computer and said "Dad, it's not working right".  You really ought to see all of the installs she has made!  I am not even sure I can unfuckulate that thing short of wiping the hard drive.  This will take me all night.  Gotta love crypto currency and children.

logicalman's picture

You should still back up EVERYTHING first.

That way you can go through everything for anything you might need, at leasure.

Not to take away from the point I think you were trying to make, just advice regarding data.

Manipuflation's picture

I have five comps running so I am not too worried.  It's just amazing what kids will do.

notadouche's picture

In the words of many a woman after performing the walk of shame, "you can't unfuck someone",  or in this case Windows 7.

whatthecurtains's picture

"Transaction malleability has been known about since 2011. "

WTF that was 3 years ago.   So now that it is bringing the exchanges down you finally decide to implement fixes?